Lars-Henrik Eriksson

FME 2002: Formal Methods -- Getting IT Right

The automated construction of mathematical proof is a basic activity in computing. Since the dawn of the field of automated reasoning, there have been two divergent schools of thought. One school, best represented by Alan Robinson’s resolution method, is based on simple uniform proof search procedures guided by heuristics. The other school, pioneered by Hao Wang, argues for problem-specific combinations of decision and semi-decision procedures. While the former school has been dominant in the past, the latter approach has greater promise. In recent years, several high quality inference engines have been developed, including propositional satisfiability solvers, ground decision procedures for equality and arithmetic, quantifier elimination procedures for integers and reals, and abstraction methods for finitely approximating problems over infinite domains. We describe some of these “little engines of proof” and a few of the ways in which they can be combined. We focus in particular on combining different decision procedures for use in automated verification. Its great triumph was to prove that the sum of two even numbers is even. Martin Davis [Dav83] (on his Presburger arithmetic procedure) The most interesting lesson from these results is perhaps that even in a fairly rich domain, the theorems actually proved are mostly ones which call on a very small portion of the available resources of the domain. Hao Wang (quoted by Davis [Dav83]) Funded by NSF Grants CCR-0082560 and CCR-9712383, DARPA/AFRL Contract F33615-00-C-3043, and NASA Contract NAS1-20334. John Rushby, Sam Owre, Ashish Tiwari, and Tomás Uribe commented on earlier drafts of this paper. L.-H. Eriksson and P. Lindsay (Eds.): FME 2002, LNCS 2391, pp. 1–20, 2002. c

Extensions of Logic Programming

What do you do to start reading extensions of logic programming? Searching the book that you love to read first or find an interesting book that will make you want to read? Everybody has difference with their reason of reading a book. Actuary, reading habit must be from earlier. Many people may be love to read, but not a book. Its not fault. Someone will be bored to open the thick book with small words to read. In more, this is the real condition. So do happen probably with this extensions of logic programming.

Using Formal Methods in a Retrospective Safety Case

Today the development of safety-critical systems is to a large extent guided by standards that make demands on both development process and system quality. Before the advent of these standards, development was typically done on a “best practise” basis which could differ much between application areas. Some safety-critical systems (e.g. railway interlockings) have a long technical and economical lifetime so that today we have many legacy safety-critical systems in operation which were developed according to practises that would be regarded as unacceptable today. Usually, such systems are allowed to continue operating by virtue of past performance. If there is doubt about the integrity of a legacy system, an alternative to replacement could be making a “retrospective” safety case demonstrating that the legacy system is indeed safe to use. Using as example a case taken from railway signalling, we will show how formal verification can be used in a retrospective safety case. In this application of formal methods several particular problems arise, such as uncertainty about the original requirements and the required safety level of the various system functions. We will discuss such problems and the approach taken to deal with them in the example case.

Specifying Railway Interlocking Requirements for Practical Use

An essentially complete formal specification of safety requirements for railway interlockings has been developed. The work is part of as project with the Swedish National Rail Administration investigating the feasibility of using formal methods for the analysis of interlockings in a production setting. An overview of the specification is given and two ongoing case studies on verifying interlockings using the specification are described. Verification is done using the very fast Stalmarck theorem prover for propositional logic. The current limits of the technology is discussed.

Synthesis of a unification algorithm in a logic programming calculus

Abstract A formal specification of unification is presented and a unification algorithm is synthesized from it. The synthesis is done by logical deduction within the logic programming calculus developed by Hansson and Tarnlund. First-order logic with identity is used as the specification language and extended Horn clause logic as the target language.

Weak Nominal Modal Logic

Previous work on nominal transition systems explores strong bisimulation and a general kind of Hennessy-Milner logic with infinite but finitely supported conjunction, showing that it is remarkably expressive. In the present paper we treat weak bisimulation and the corresponding weak Hennessy-Milner logic, where there is a special unobservable action. We prove that logical equivalence coincides with bisimilarity and explore a few variants of the logic. In this way we get a general framework for weak bisimulation and logic in which formalisms such as the pi-calculus and its many variants can be uniformly represented.